EMV and Small Merchants:



Similar documents
EMV and Restaurants: What you need to know. Mike English. October Executive Director, Product Development Heartland Payment Systems

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper Executive Director, Product Development

EMV and Restaurants What you need to know! November 19, 2014

What Merchants Need to Know About EMV

Preparing for EMV chip card acceptance

Understand the Business Impact of EMV Chip Cards

Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard

CITGO CHIP & MOBILE TM. Quick-Start Guide YOUR CUSTOMERS. are

EMV in Hotels Observations and Considerations

The Relationship Between PCI, Encryption and Tokenization: What you need to know

Payments Transformation - EMV comes to the US

OpenEdge Research & Development Group April 2015

What is EMV? What is different?

welcome to liber8:payment

EMV : Frequently Asked Questions for Merchants

THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change

EMV Frequently Asked Questions for Merchants May, 2014

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

Mobile Near-Field Communications (NFC) Payments

Chip Card (EMV ) CAL-Card FAQs

Visa Recommended Practices for EMV Chip Implementation in the U.S.

U.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon

EMV FAQs. Contact us at: Visit us online: VancoPayments.com

A Guide to EMV. Version 1.0 May Copyright 2011 EMVCo, LLC. All rights reserved.

EMV's Role in reducing Payment Risks: a Multi-Layered Approach

Apple Pay. Frequently Asked Questions UK Launch

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

EMV and Encryption + Tokenization: A Layered Approach to Security

PCI 3.1 Changes. Jon Bonham, CISA Coalfire System, Inc.

U.S. Bank. U.S. Bank Chip Card FAQs for Program Administrators. In this guide you will find: Explaining Chip Card Technology (EMV)

Dates VISA MasterCard Discover American Express. support EMV. International ATM liability shift 2

PCI and EMV Compliance Checkup

American Express Contactless Payments

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions

What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization

Introductions 1 min 4

Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011

Fall Conference November 19 21, 2013 Merchant Card Processing Overview

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions

Apple Pay. Frequently Asked Questions UK

Your Reference Guide to EMV Integration: Understanding the Liability Shift

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.

Testimony of Scott Talbott, Sr. V.P. for Government Relations, Electronic Transactions Association (ETA)

A RE T HE U.S. CHIP RULES ENOUGH?

EMV EMV TABLE OF CONTENTS

Implication of EMV Migration for the U.S. Transportation Industry. May 1, Implication of EMV Migration for the U.S. Transportation Industry

FUTURE PROOF TERMINAL QUICK REFERENCE GUIDE. Review this Quick Reference Guide to. learn how to run a sale, settle your batch

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association

Visa U.S. Merchant EMV Chip Acceptance Readiness Guide. 10 Steps to Planning Chip Implementation for Contact and Contactless Transactions

How to Prepare. Point of sale requirements are changing. Get ready now.

The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses. National Computer Corporation

How Secure are Contactless Payment Systems?

The Canadian Migration to EMV. Prepared By:

A Guide to EMV Version 1.0 May 2011

PREVENTING PAYMENT CARD DATA BREACHES

E M V I M P L E M E N TAT I O N T O O L S F O R S U C C E S S, P C I & S E C U R I T Y. February 2014

Tokenization: FAQs & General Information. BACKGROUND. GENERAL INFORMATION What is Tokenization?

Frequently asked questions - Visa paywave

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER

SELLING PAYMENT SYSTEMS SERVICES & SOLUTIONS

Credit Card Processing, Point of Sale, ecommerce

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud

Table of Contents. Overview. What is payment processing? Who s Who. Types of Payment Solutions. Online Transactions. Interchange Process

Trends in Merchant Payment Acceptance

Credit Card Processing Overview

Secure Payments Framework Workgroup

FAQ EMV. EMV Overview

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com

WIRELESS - GPRS iwl250 POS SOLUTION

Fraud Protection, You and Your Bank

Mitigating Fraud Risk Through Card Data Verification

Fiscal Service EMV Education Series EMV-Compliant Point-of-Sale Card Acceptance for Federal Agencies. Fiscal Service / Vantiv July 27, 2015

Card Technology Choices for U.S. Issuers An EMV White Paper

EMV ADOPTION AND ITS IMPACT ON FRAUD MANAGEMENT WORLDWIDE

EMV Chip and PIN. Improving the Security of Federal Financial Transactions. Ian W. Macoy, AAP August 17, 2015

CardControl. Credit Card Processing 101. Overview. Contents

AUSTRALIAN PAYMENTS FRAUD DETAILS AND DATA

Transcription:

September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service marks and trade names referenced in this material are the property of their respective owners.

The goal of this white paper is to educate the reader about EMV and the potential benefits of implementing an EMV solution, and to provide high-level information that will guide you to successfully implement EMV for payment acceptance. What Is EMV? EMV is a set of standards designed to protect debit and credit cards that are accepted at the point of sale, as well as ATM transactions. EMV chip-based payment cards, also known as smartcards, contain an embedded microprocessor, a type of small computer. The microprocessor chip contains the information needed to use the card for payment, and is protected by various security features. Chip cards are a more secure alternative to traditional magnetic stripe payment cards. EMV standards define the interaction at the physical, electrical, data and application levels between an integrated circuit (IC) chip embedded in a plastic card and the point of sale terminal or device that reads the IC card for processing EMV financial transactions. EMV s payment security approach is based on smartcard technology that adds dynamic security data to the transaction stream, authenticating that the card is present at the point of purchase. Additionally, every card contains its own microprocessor chip, making the cards nearly impossible to economically counterfeit. Merchants are able to accept EMV cards in two ways. One method is to insert the EMV card into a card reader that is integrated in the terminal or PIN pad. This is referred to as an EMV contact transaction. Another way for merchants to accept EMV cards is contactless, where the card is tapped at the terminal or PIN pad s contactless reader for payment acceptance. The EMV standards were formed by Europay, MasterCard, and Visa in 1993. Today, there are more than 1.5 billion EMV cards deployed in more than 120 countries on four continents. The United States will be the last country to migrate to EMV. What Benefits Does EMV Provide for Merchants? Merchants that implement an EMV solution may benefit from a reduction in card fraud, decreased requests for copies in relation to chargebacks, and fewer disputes, as well as the opportunity to update terminals for other capabilities like Near Field Communications (NFC) 1 contactless acceptance. Migration to EMV may move restaurant payment acceptance to the tableside, which can reduce wait staff steps and help turn tables faster. 1 Near Field Communication (NFC) is a short-range wireless connectivity technology (also known as ISO 18092) that provides intuitive, simple and safe communication between electronic devices. heartlandpaymentsystems.com 2

Is EMV Practical for Small Merchants? At first glance, the financial value to small merchants is questionable, as one must consider the liability shift 2 mandated by the Card Brands and the volume of fraudulent cards that a small merchant receives today versus the cost of installing an EMV-enabled terminal. However, incidents of fraudulent cards being presented at small retail locations will increase as national merchants move forward with implementing EMV, and criminals begin to seek out non- EMV supporting businesses. Cardholders will eventually recognize the security improvements offered by EMV, and will look to make purchases from merchants with an EMV solution. Merchants will want to be viewed as a safe place to shop and will be influenced by the growing awareness of their customers. Additionally, EMV specifically contactless EMV brings NFC acceptance with it, and marketing opportunities such as the ones provided by Isis and Google Wallet programs. Eventually, NFC might be a driving force along with other point-of-touch technologies such as QR codes. So, in the long run, the answer is yes EMV will be practical and beneficial for small merchants. Most new terminals being sold today have an integrated EMV contact reader, so it will be simpler for a merchant to start accepting EMV when it is time. How Are EMV Transactions Authorized? EMV transactions can be authorized online and offline. EMV transactions authorized online are verified though an online connection from the merchant s terminal or point-of-sale system to card issuers, via an acquirer like Heartland Payment Systems. This process is much like today s magnetic stripe-based transactions in the U.S., where transactions are authorized online. EMV offline transactions are authorized through authentication of the card and the merchant EMV acceptance device (point of sale or terminal). MasterCard and Discover have announced their support for offline authorization, but Visa does not support offline authorization for U.S.-issued chip cards. Chances are that your transactions will be authorized in an online mode and you will not need to be concerned about offline authorization. How Are Cardholders Verified? Use of PIN is a common EMV cardholder verification method (CVM) that authenticates the cardholder and protects against the merchant s acceptance of a lost or stolen card. When a cardholder s pin is used to validate who they say they are, it is called chip & pin. In addition to chip & pin, other customer verification methods include signature verification and no customer verification, which is used today at some quick service restaurants. The U.S. will most likely migrate to chip & choice, with transactions authorized in real time. Selection of other appropriate customer verification methods will depend on how customers pay for goods and services at your location today, speed of checkout, customer convenience, and the need for chargeback protection, as well as the merchant s terminal or POS system s capabilities. 2 Visa, MasterCard, Discover and American Express have mandated that liability for fraudulent cards will shift to the issuer or merchant/acquirer on October 1, 2015, whichever one is not accepting EMV transactions and using strong customer verification methods. Automated Fuel Dispensers liability shift date starts October 2017. heartlandpaymentsystems.com 3

Is EMV Secure? EMV is secure. EMV s payment security approach is based on smartcard technology that adds dynamic security data to the transaction stream, rendering replay of payment transactions unpractical. Additionally, every card contains its own microprocessor chip, making the cards nearly impossible to economically counterfeit. Using EMV improves the security of payment transactions in three areas: Dynamic card authentication protects against counterfeit cards. Cardholder verification using PIN authenticates the cardholder and protects against acceptance of lost and stolen cards. Transaction authorization using issuer-defined rules to authorize transactions reduces the chance for transaction interception or man-in-the-middle attacks. EMV cards contain a secure integrated chip that is tamperresistant and includes a variety of hardware and software capabilities that immediately detect and react to tampering attempts, thus countering possible attacks. However, EMV does not encrypt the cardholder account number or other transaction information that hackers can monetize, thus the need for additional security. Additionally, each EMV card issued in the U.S. will carry a magnetic stripe that could be skimmed and used fraudulently. Heartland Secure Heartland Secure TM is a comprehensive card data security solution that combines three powerful technologies, working in tandem, to provide merchants with the highest level of security available to protect against card-present data fraud. This exclusive solution is designed to provide businesses with security against point-of-sale (POS) intrusions, insider misuse, and other common sources of data fraud, by eliminating the opportunity for criminals to monetize card data. Heartland Secure combines: EMV electronic chip card technology to authenticate that a consumer s card is genuine; Heartland s E3 end-to-end encryption technology, which immediately encrypts card data as it is entered so that no one else can read it; and Tokenization technology, which replaces card data with tokens that can be used for returns and repeat purchases, but are unusable by outsiders and have no value. heartlandpaymentsystems.com 4

How Do E3 and Tokenization Work with EMV? E3 encrypts the cardholder information, making card data indiscernible as it enters the payment cycle. In the event of firewalls or network security being breached, hackers and criminals gain nothing of commercial value. With E3, captured and encrypted card data cannot be used to make counterfeit cards or fraudulent phone/mail/online purchases. Magnetic stripe swiped and EMV transactions are encrypted prior to leaving the terminal so the transactions and cardholder information is sent encrypted through your network, over the Internet, and to Heartland without being readable. Tokenization eliminates the need to refer to a customer card number for returns, voids, card on file and recurring transactions. Both E3 and tokenization combine with EMV to provide optimal transactions. What Is the Technology Innovation Program (TIP) and Does It Apply to Me? Effective October 2012, Visa s TIP provides qualifying merchants Level 1 and Level 2 merchants that process more than 1 million Visa transactions annually PCI audit relief when 75% of the merchant s Visa transactions originate at a dual-interface EMV chip-enabled terminal. However, all merchants must continue to comply with PCI DSS. MasterCard offers a similar program to Visa. It is important to note that whether you are a Level 1 merchant processing more than 1 million transactions a year, or a corner convenience store processing 10,000 transactions annually, you are still responsible for being PCI compliant. What Is the Liability Shift and How Does It Apply to Merchants? The United States liability shift for domestic and crossborder counterfeit POS transactions begins October 1, 2015. It will impact all merchants that accept MasterCard,Visa, American Express and Discover cards. If an EMV card is presented to a merchant that has not installed EMV terminals, liability for counterfeit fraud will shift to the merchant. The liability for counterfeit fraud today is held by the card issuer (automated fuel dispensers are an exception), so the 2015 liability shift could result in merchants incurring additional chargebacks and losses if they are not utilizing EMV terminals. Questions? If you have questions about EMV, lowering your cost of payments, how to better manage your store network, improving transaction security, payroll management or anything related to payment processing, please reach out to us at heartlandpaymentsystems.com/about/contactus. heartlandpaymentsystems.com 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information